| API Security: How to Implement the Security in API. Practical Guide Contributor(s): Vick, Jose D. (Author) |
|
 |
ISBN: 154033435X ISBN-13: 9781540334350 Publisher: Createspace Independent Publishing Platform OUR PRICE: $9.49 Product Type: Paperback Published: November 2016 * Not available - Not in print at this time * |
| Additional Information |
| BISAC Categories: - Computers | Web - Web Services & Apis |
| Physical Information: 0.15" H x 5.98" W x 9.02" (0.24 lbs) 72 pages |
| Descriptions, Reviews, Etc. |
| Publisher Description: This book is an exploration of API security. The book begins by explaining to you what API security is and why it is necessary. API security risks have been discussed in detail. You will also be guided on the potential vulnerabilities of APIs and how to mitigate them. Authentication is an important mechanism for ensuring that APIs are secure. It works by ensuring that users accessing the API are the right ones, and that they are authorized to do so. The various authentication mechanisms and protocols in APIs are discussed in this book. With APIs, we need to ensure that users accessing the system only access the right resources. This is implemented via authorization. This book guides you on how to implement authorization in APIs for security purposes, using various protocols created for that purpose. Identity federation is also an important mechanism in API security. This book guides you on how to implement identity federation in APIs. Access Management has also been discussed in detail, as it serves to know the kind of users who access the API and the activities they can perform. API security should be a holistic approach, meaning that each party should be involved and various mechanisms should be employed for securing the API. This book guides you on how to do this. P2P encryption is of importance since there is a need for us to secure the data in transit, which is explored in this book. The following topics are discussed in this book: -What is an API? -API Security Risks to be Mitigated -Authentication in APIs -Authorization -Identity Federation and Access Management -Delegation -Singular Approach vs. Holistic Security -P2P Encryption |